IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Remove service accounts from public documentation as it's not being released yet (#44658)

Browse Source
This commit is contained in:
Vardan Torosyan 2022-01-31 16:37:51 +01:00 committed by GitHub
parent 5ca9d2895b
commit 2053049c40
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 0 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/sources/enterprise/access-control/permissions.md
View File

@ -91,7 +91,6 @@ The following list contains fine-grained access control actions.
| `licensing:update` | n/a | Update the license token. |
| `licensing:delete` | n/a | Delete the license token. |
| `licensing.reports:read` | n/a | Get custom permission reports. |
| `serviceaccounts:delete` | `serviceaccounts:*` <br> `serviceaccounts:id:*` | Delete one or more service accounts. |
## Scope definitions
@ -109,4 +108,3 @@ The following list contains fine-grained access control scopes.
| `settings:*` | Restrict an action to a subset of settings. For example, `settings:*` matches all settings, `settings:auth.saml:*` matches all SAML settings, and `settings:auth.saml:enabled` matches the enable property on the SAML settings. |
| `provisioners:*` | Restrict an action to a set of provisioners. For example, `provisioners:*` matches any provisioner, and `provisioners:accesscontrol` matches the fine-grained access control [provisioner]({{< relref "./provisioning.md" >}}). |
| `datasources:*`<br>`datasources:id:*`<br>`datasources:uid:*`<br>`datasources:name:*` | Restrict an action to a set of data sources. For example, `datasources:*` matches any data source, and `datasources:name:postgres` matches the data source named `postgres`. |
| `serviceaccounts:*` <br> `serviceaccounts:id:*` | Restrict an action to a set of service accounts. For example, `serviceaccounts:*` matches any service account and `serviceaccounts:id:1` matches the service account whose ID is `1`. |

1
docs/sources/http_api/_index.md
View File

@ -30,7 +30,6 @@ dashboards, creating users, and updating data sources.
- [Other API]({{< relref "other.md" >}})
- [Playlists API]({{< relref "playlist.md" >}})
- [Preferences API]({{< relref "preferences.md" >}})
- [Service account API]({{< relref "serviceaccount.md" >}})
- [Short URL API]({{< relref "short_url.md" >}})
- [Snapshot API]({{< relref "snapshot.md" >}})
- [Team API]({{< relref "team.md" >}})

44
docs/sources/http_api/serviceaccount.md
View File

@ -1,44 +0,0 @@
+++
title = "Service account HTTP API"
description = "Grafana Service account HTTP API"
keywords = ["grafana", "http", "documentation", "api", "service account"]
aliases = ["/docs/grafana/latest/http_api/serviceaccount/"]
+++
# Service account API
This API allows you to interact programmatically with the [Service accounts]({{< relref "../manage-users/serviceaccount/_index.md" >}}).
**> Note:** If you are using Grafana Enterprise and have [Fine-grained access control]({{< relref "../enterprise/access-control/_index.md" >}}) enabled, for some endpoints you need to have relevant permissions. Refer to specific resources to understand what permissions are required.
## Delete a service account
`DELETE /api/serviceaccounts/:serviceaccountId`
#### Required permissions
For details, see the [introduction]({{< ref "#user-api" >}}).
| Action | Scope |
| ---------------------- | ------------------ |
| serviceaccounts:delete | serviceaccounts:\* |
Deletes the given service account if it exists.
**Example request**:
```http
DELETE /api/serviceaccounts/1 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
```
**Example response**:
```http
HTTP/1.1 200
Content-Type: application/json
{"message":"Service account deleted"}
```

11
docs/sources/manage-users/serviceaccount/_index.md
View File

@ -1,11 +0,0 @@
+++
title = "Service accounts"
weight = 100
+++
# Service accounts
A service account represents a Grafana service identity, which are users that are intended for programmatic use either internally for a Grafana feature or through an API key, such as timely reporting, automatic provisioning or systems interacting with Grafana. See [service account] for more information
- [Service account]({{< relref "serviceaccount.md" >}}) - Describes service account in detail.
- [Service account API]({{< relref "../../http_api/serviceaccount.md" >}}) - Manage users or change passwords programmatically.

20
docs/sources/manage-users/serviceaccount/serviceaccount.md
View File

@ -1,20 +0,0 @@
+++
title = "What are service accounts"
weight = 200
+++
What are service accounts?
A service account is a special kind of user used by an application or compute workload, which are users that are intended for programmatic use either internally for a Grafana feature or through an API key. Applications use service accounts to make authorized API calls, authorized as the service account itself.
For example, all reporting could be setup and run as a service account from your application, and that account can be given permissions to access the resources it needs. This way the service account is the identity of the service, and the service account's permissions control which resources the service can access.
A service account is identified by its login name, which is unique to the entire suite of organizations. The name is set upon creation of the service account.
Differences between a service account and a user account
Service accounts differ from user accounts in a few key ways:
- Service accounts do not have passwords, and cannot log in via browsers or cookies.
- Service accounts are associated with private/public RSA key-pairs that are used for authentication to Grafana.
- You can let other users or service accounts impersonate a service account.
- Service accounts lives on a organizational level, but it does not restrict them from acting cross organizational, such as adding or editing user information.